Hey, I hope you're doing well.
The issue with your JSON resource definition is a missing comma that separates the properties within the malwareScanning object. In JSON, each key-value pair must be separated by a comma. Here’s the corrected version of your JSON resource definition:
{
"type": "Microsoft.Security/DefenderForStorageSettings",
"apiVersion": "2022-12-01-preview",
"name": "current",
"scope": "[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName'))]",
"properties": {
"isEnabled": true,
"malwareScanning": {
"onUpload": {
"capGBPerMonth": "[parameters('capPerMonth')]",
"isEnabled": true
},
"scanResultsEventGridTopicResourceId": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventGrid/topics/', parameters('eventGridTopicName'))]"
},
"sensitiveDataDiscovery": {
"isEnabled": true
},
"overrideSubscriptionLevelSettings": true
},
"dependsOn": [
"[resourceId('Microsoft.Storage/storageAccounts', parameters('storageAccountName'))]"
]
}
The missing comma should be placed after the onUpload object:
{
"onUpload": {
"capGBPerMonth": "[parameters('capPerMonth')]",
"isEnabled": true
},
"scanResultsEventGridTopicResourceId": "[concat('/subscriptions/', subscription().subscriptionId, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventGrid/topics/', parameters('eventGridTopicName'))]"
}
Without the comma, the JSON is invalid, and this causes the malwareScanning property to be improperly parsed, preventing the onUpload malware scanning from being enabled correctly.
After adding the comma, the JSON should work as expected, enabling the onUpload malware scanning along with the other specified settings. I hope this helps you. Have a good time.